FCC Advances ‘U.S. Cyber Trust Mark’ to Foster IoT Security

The Federal Communications Commission has issued a formal Notice of Proposed Rulemaking (NPRM) for the U.S. Cyber Trust Mark labeling program for smart devices announced in July with the Biden administration. The voluntary program to provide certification for baseline cybersecurity standards is designed to help consumers make informed purchase decisions regarding Internet of Things (IoT) products. The FCC, which proposes to own the new Cyber Trust trademark and administer it in conjunction with third parties, is now officially soliciting comments from industries and the public on the scope of the proposed program. Continue reading FCC Advances ‘U.S. Cyber Trust Mark’ to Foster IoT Security

Plans for TikTok Containment Would Give Feds Broad Power

A draft agreement said to have been presented by the U.S. government to ByteDance that would let TikTok avoid a federal ban seeks “near unfettered access” to company data and “unprecedented control” over platform functions. The nearly 100-page document, reported on this week, seeks control federal officials don’t have over other media outlets — social or otherwise — raising domestic concerns about government overreach. The draft dates to summer 2022. It is not known whether it has been updated or if the secretive negotiations between ByteDance and the Committee on Foreign Investment in the United States (CFIUS) have since continued. Continue reading Plans for TikTok Containment Would Give Feds Broad Power

White House Launches $20 Million AI Cybersecurity Challenge

The White House has unveiled plans for a two-year competition with $18.5 million in prizes for artificial intelligence coders who can come up with ways to identify and fix software vulnerabilities in critical infrastructure code, such as that which runs the Internet. Styled AIxCC, the AI Cyber Challenge is being led by the Defense Advanced Research Projects Agency (DARPA) with support from companies including Anthropic, Google, Microsoft and OpenAI, who have committed to lending expertise and technology. Up to seven small businesses will potentially receive $1 million each to participate. Continue reading White House Launches $20 Million AI Cybersecurity Challenge

U.S. Impacted by Significant Increase in Ransomware Attacks

Ransomware attacks have surged in the 12 months ending in June 2023, with the United States accounting for 43 percent of the 1,900 attacks reported — 7x greater than that of the second most popular target, the United Kingdom, at 196. The period marked a 75 percent increase in U.S. ransomware attacks, which were perpetrated by 48 different groups including CL0P, a gang believed to have ties to Russia. U.S. companies, governmental organizations and individual consumers were targeted during the period, with healthcare and educational institutions disproportionately impacted, according to a study by cybersecurity firm Malwarebytes. Continue reading U.S. Impacted by Significant Increase in Ransomware Attacks

Companies Turn to Cyber Insurance as Global Threats Surge

The cost of a data breach can run as high as $4.54 million today, up from $3.86 million in 2020, according to an IBM study that says the fastest-growing — and costliest — type of cyberattack is ransomware. That’s why more companies are turning to cyber insurance to hedge their bets. Last year, the global market for such policies was estimated to be in the $13.33 billion range, and projected to reach $84.62 billion by 2030. Because the increased frequency of attacks has resulted in increased payouts, insurance providers now often require proof of adequate security measures. Continue reading Companies Turn to Cyber Insurance as Global Threats Surge

U.S. Senate Aims to Add Cyber Amendments to Defense Bill

Hundreds of amendments are queued up for possible addition to the vast annual defense policy bill. Among those that senators are considering include regulations that address artificial intelligence, cybersecurity and proposals to test election systems for vulnerabilities. Adding cyber measures to the National Defense Authorization Act (NDAA) has become a tradition in recent years because it is “must-pass” legislation and renewed annually. Senate Majority Leader Chuck Schumer (D-New York) hopes to have the Senate’s version of the bill prior to the August recess that commences at the end of this week. Continue reading U.S. Senate Aims to Add Cyber Amendments to Defense Bill

Major Tech Players Launch Frontier Model Forum for Safe AI

Advancing President Biden’s push for responsible development of artificial intelligence, top AI firms including Anthropic, Google, Microsoft and OpenAI have launched the Frontier Model Forum, an industry forum that will work collaboratively with outside researchers and policymakers to implement best practices. The new group will focus on AI safety, research into its risks, and disseminating information to the public, governments and civil society. Other companies involved in building bleeding-edge AI models will also be invited to join and participate in technical evaluations and benchmarks. Continue reading Major Tech Players Launch Frontier Model Forum for Safe AI

Top Tech Firms Support Government’s Planned AI Safeguards

President Biden has secured voluntary commitments from seven leading AI companies who say they will support the executive branch goal of advancing safe, secure and transparent development of artificial intelligence. Executives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft and OpenAI convened at the White House on Friday to support the accord, which some criticized as a half measure, claiming the companies have already embraced independent security testing and a commitment to collaborating with each other and the government. Biden stressed the need to deploy AI altruistically, “to help address society’s greatest challenges.” Continue reading Top Tech Firms Support Government’s Planned AI Safeguards

White House Announces Smart Device Cybersecurity Labeling

The Biden administration has unveiled a new labeling system for smart devices. The U.S. Cyber Trust Mark identifies consumer electronics and appliances that meet security standards and are less vulnerable to cyberattacks. Companies including Amazon, Google, LG, Qualcomm, Samsung and retailer Best Buy participated in announcing the voluntary program. The Connectivity Standards Alliance (CSA), purveyor of the Matter smart home standard, has also pledged support. The program is scheduled to roll out in 2024. Devices bearing the U.S. Cyber Trust Mark will have met security standards established by the National Institute of Standards and Technology (NIST). Continue reading White House Announces Smart Device Cybersecurity Labeling

White House Releases Plan for Cybersecurity Implementation

The Biden administration has issued an implementation framework for its National Cybersecurity Strategy, detailing how the federal government plans to regulate digital security issues. The highly anticipated document lists more than 65 initiatives for executing the “five pillars” of the March 2023 U.S. National Cybersecurity Strategy, described as a “bold, affirmative vision for cyberspace.” The implementation takes a two-pronged approach: empowering capable actors who can bear more of the security responsibility, and the need for incentives that facilitate investment in long-term resilience. Continue reading White House Releases Plan for Cybersecurity Implementation

Senators Question Meta Platforms About Recent LLaMA Leak

Meta Platforms CEO Mark Zuckerberg received a letter this week from Senators Richard Blumenthal and Josh Hawley of the Subcommittee on Privacy, Technology & the Law that took the executive to task for an online leak of the company’s LLaMA artificial intelligence system. The 65-billion parameter language model, which is still under development, was open-sourced in February. Available on request through Meta’s GitHub portal, it wound up on 4chan and BitTorrent “making it available to anyone, anywhere in the world, without monitoring or oversight,” the senators wrote. Continue reading Senators Question Meta Platforms About Recent LLaMA Leak

Politicians and Tech Leaders Gather to Discuss Regulating AI

A new government agency that licenses artificial intelligence above a certain capability, regular testing, and independent audits were some of the ideas to spring from a three-hour Senate judiciary subcommittee hearing to explore ways in which the government might regulate the nascent field. OpenAI co-founder and CEO Sam Altman advocated for all of the above, stressing the need for external validation by independent experts, strict cybersecurity, and a “whole of society approach” to combatting disinformation. While Altman emphasized AI’s advantages, he warned “if this technology goes wrong, it can go quite wrong.” Continue reading Politicians and Tech Leaders Gather to Discuss Regulating AI

Google Workbench Taps AI Tech for Next-Gen Cybersecurity

Generative AI for cybersecurity is an emerging category with Google an early entrant. At this week’s RSA Conference 2023 in San Francisco, Google unveiled Cloud Security AI Workbench, a toolkit powered by a customized AI language model called Sec-PaLM that is “fine-tuned for security use cases.” Accenture is the first client to sign up for Workbench. Google also announced it is combining its Google Cloud and Mandiant ecosystems to offer a turnkey solution to ward off threats “from incident response through proactive defense,” drawing on integrations from more than 100 leading cybersecurity vendors. Continue reading Google Workbench Taps AI Tech for Next-Gen Cybersecurity

U.S. Agencies Join Global Coalition in Secure Software Push

The U.S. and a coalition of international government agencies have issued joint guidance that aims to get software companies to heighten security for their products. “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default” takes the position that today’s software is insecure by default and it is the customer’s burden to take steps to make it safe. Manufacturers should make their products safe before they ship by taking steps including deprecating the “default password,” writing their programs using only secure coding languages, providing free patches and setting up vulnerability reporting programs. Continue reading U.S. Agencies Join Global Coalition in Secure Software Push

OpenAI’s Altman Talks Up Machine Learning on Global Tour

Amidst calls to put the brakes on large language model development, OpenAI CEO Sam Altman has hit the global circuit to tout the advantages of artificial intelligence and commercial opportunities with his firm. Altman’s 17-city tour includes stops in Washington D.C., Toronto, Tokyo, Rio De Janeiro, Lagos, London, Paris, Madrid, Brussels, Munich, Tel Aviv, Singapore, Dubai, New Delhi, Jakarta, Seoul and Melbourne. On Monday, Altman met with Japanese Prime Minister Fumio Kishida and other government officials, vowing to collaborate on protecting user privacy and data protection. Continue reading OpenAI’s Altman Talks Up Machine Learning on Global Tour